Convicted computer criminals are people who are caught and convicted of computer crimes such as breaking into computers or computer networks. Computer crime can be broadly defined as criminal activity involving information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery (or identity theft) and electronic fraud.[1]
In the infancy of the hacker subculture and the computer underground,[2] criminal convictions were rare because there was an informal code of ethics that was followed by white hat hackers.[3] Proponents of hacking claim to be motivated by artistic and political ends, but are often unconcerned about the use of criminal means to achieve them.[4] White hat hackers break past computer security for non-malicious reasons and do no damage, akin to breaking into a house and looking around.[5] They enjoy learning and working with computer systems, and by this experience gain a deeper understanding of electronic security.[5] As the computer industry matured, individuals with malicious intentions (black hats) would emerge to exploit computer systems for their own personal profit.[5]
Convictions of computer crimes, or hacking, began as early as 1984 with the case of The 414s from the 414 area code in Milwaukee. In that case, six teenagers broke into a number of high-profile computer systems, including Los Alamos National Laboratory, Sloan-Kettering Cancer Center and Security Pacific Bank. On May 1, 1984, one of the 414s, Gerald Wondra, was sentenced to two years of probation.[6] In May, 1986, the first computer trespass conviction to result in a jail sentence was handed down to Michael Princeton Wilkerson, who received two weeks in jail for his infiltration of Microsoft, Sundstrand Corp., Kenworth Truck Co. and Resources Conservation Co.[7]
In 2006, a prison term of nearly five years was handed down to Jeanson James Ancheta, who created hundreds of zombie computers to do his bidding via giant bot networks or botnets.[8] He then sold the botnets to the highest bidder who in turn used them for Denial-of-service (DoS) attacks.
, the longest sentence for computer crimes is that of Albert Gonzalez for 20 years.[9] The next longest sentences are those of 13 years for Max Butler,[10] 108 months for Brian Salcedo in 2004 and upheld in 2006 by the U.S. 4th Circuit Court of Appeals,[11] [12] and 68 months for Kevin Mitnick in 1999.[13]
width=14% | Name | width=7% | Handle | width=10% | Nationality | Conviction(s) | width=11% data-sort-type=date | Sentencing date(s) | Penalty |
---|---|---|---|---|---|---|---|---|---|
Conor Brian Fitzpatrick | Pompompurin | United States | Conspiracy to commit access device fraud, access device fraud, and possession of child pornography. | January 2024 | 20 years of supervised release | ||||
Michael Princeton Wilkerson | The Sprinter | United States | Four counts of Illegal Computer Trespass to computers at: Microsoft, Sundstrand Data Control, Kenworth Truck Co. and Resources Conservation Co. (a Boeing subsidiary)[14] | 7 May 1986 | Two weeks jail sentence, 200 hours community service, Two years probation, Fined US$2,000[15] | ||||
Phiber Optik | United States | Misdemeanor theft-of-service for a free-call scam to a 900 number[16] | data-sort-value="1 Jan 1991" | 1991 | 35 hours of community service | ||||
One count of computer trespass and one count of computer conspiracy[17] | data-sort-value="1 Jan 1993" | 1993 | One-year jail sentence[18] | ||||||
Ross Ulbricht | altoid/frosty/Dread Pirate Roberts | United States | money laundering, conspiracy to commit computer hacking, and conspiracy to traffic narcotics | May 29, 2015 | double life imprisonment plus forty years, without the possibility of parole. | ||||
Gobo | United States | Pleaded guilty to four federal charges of violating United States Code Section 1030, Fraud and Related Activity in Connection with Computers, specifically subsections (a)(5)(A)(i), 1030 (a)(5)(B)(i) and 1030(b)[19] | 8 May 2006 | 57 months in prison, forfeit a 1993 BMW and more than US$58,000 in profit Restitution of US$15,000 to the U.S. federal government for infecting military computers[20] [21] | |||||
Mendax / profff | Australia | 31 charges of hacking and related charges. Pleaded guilty to 25 charges, the remaining 6 were dropped.[22] | 5 December 1996 | A recorded conviction on all counts, a reparation payment of A$2,100 to ANU (to be paid in 3 months time) and a A$5,000 good-behaviour bond.[23] | |||||
Weev | United States (at time of sentencing) | On November 20, 2012, was found guilty of one count of identity fraud and one count of conspiracy to access a computer without authorization.[24] | 20 November 2012 | Auernheimer was sentenced to 41 months in federal prison and ordered to pay $73,000 in restitution.[25] | |||||
Hamza Bendelladj | Bx1 | Algeria | Pleaded guilty to one count of conspiring to commit wire and bank fraud, 10 counts of wire fraud, one count of conspiring to commit computer fraud and abuse, and 11 counts of computer fraud and abuse[26] He is a co-creator of Trojan horse SpyEye. He stole from 217 American banks in total stealing $400 million and is alleged to have donated all the money to Africa and Palestine, though Trial documents did not mention any donations or charity activities.[27] Despite much false information on the internet Bendelladj did not get sentenced to death, and claims saying he donated any money to charity is almost impossible to verify.[28] The SpyEye software was also sold to other hackers and used as part of a botnet. | 23 April 2016 | 15 years jail sentence | ||||
— | United States | Conspiracy to steal credit card numbers from the Lowe's chain of home improvement stores[29] | 16 December 2004 | Two years and two months imprisonment, followed by two years of supervised release[30] | |||||
MafiaBoy | Canada | Pleaded guilty to 56 charges of "mischief to data"[31] [32] | 12 September 2001 | Eight months "open custody", by the Montreal Youth Court, one year of probation, restricted use of the Internet and a small fine[33] | |||||
Terri DiSisto | United States | Found guilty of email bombings which caused service outages at a number of colleges and universities; victims were young males from whom he solicited tickling videos who had stopped co-operating with his requests[34] | data-sort-value="1 Jan 2001" | 2001 | Fined $5,000 (USD) and sentenced to six months in federal prison[35] [36] | ||||
Phoenix | Australia | 15 charges including trespassing on the University of Texas computer network, altering data at NASA and the theft of the ZARDOZ file | data-sort-value="1 Jan 1993" | 1993 | One-year suspended sentence: A$1,000 good-behaviour bond and 500 hours community service[37] | ||||
Curador | United Kingdom | Pleaded guilty to theft and hacking offenses which fall under the Computer Misuse Act and six charges of intentionally accessing sites containing credit card details and using this information for financial gain[38] | 6 July 2001 | Three years of psychiatric treatment after evidence emerged that he was suffering from a mental condition which needed medical treatment rather than incarceration[39] | |||||
MagicFX | United States | Admitted the hacking and pleaded guilty to two felonies in 2004.[40] | data-sort-value="1 Jan 2004" | 2004 | Sentenced to Time Served after spending 7 months in prison. | ||||
Markus Hess | — | Germany | Found guilty of espionage | February 15, 1990 | one to two years suspended sentence | ||||
c0mrade | United States | Two counts of juvenile delinquency | 21 September 2000 | Six-month prison sentence and probation until the age of eighteen[41] | |||||
Electron | Australia | Trespassing on the University of Texas computer network and theft of the ZARDOZ file | data-sort-value="1 Jan 1993" | 1993 | One year and six months suspended sentence, 300 hours of community service and psychiatric assessment and treatment | ||||
samy | United States | Pleaded guilty to violating California Penal Code 502(c)(8) for creating the "Samy is my hero" XSS worm that spread across the MySpace social networking site[42] | data-sort-value="1 Jan 2007" | 2007 | Three years of formal probation, 90 days of community service, restitution paid to MySpace, restrictions on computer use | ||||
cam0 | United States | Pleaded guilty to hacking into the cell-phone account of celebrity Paris Hilton and participated in an attack on data-collection firm LexisNexis Group that exposed personal records of more than 300,000 consumers[43] | 13 September 2005 | 11 months in a Massachusetts juvenile detention facility | |||||
— | United States | One-count of computer crimes against Microsoft, LexisNexis and The New York Times | 15 July 2004 | Six months detention at his parents' home plus two years probation and roughly US$65,000 in restitution[44] | |||||
sl1nk | United Kingdom | Pleaded guilty to five counts of "unauthorised acts with intent to impair operation of or prevent/hinder access to a computer", two of "unauthorised computer access with intent to commit other offences", one of "unauthorised computer access with intent to commit other offences", and one of "unauthorised access to computer material". Hacking attempt on the websites of Kent Police, Cambridge University and Oxford University. Former member of NullCrew and said to have penetrated the servers of Department of Defense (DoD), Pentagon, NASA, NSA, other UK government websites.[45] | 16 May 2013 | Two years imprisonment[46] | |||||
Solo | United Kingdom | Accused in 2002 of perpetrating the "biggest military computer hack of all time," although McKinnon himself states that he was merely looking for evidence of free energy suppression and a cover-up of UFO activity and other technologies potentially useful to the public. | data-sort-value="1 Jan 2002" | 2002 | On 16 October 2012, after a series of legal proceedings in Britain, Home Secretary Theresa May withdrew her extradition order to the United States. | ||||
Condor | United States | Four counts of wire fraud, two counts of computer fraud and one count of illegally intercepting a wire communication | 9 August 1999 | 46 months in federal prison and US$4,125 in restitution[47] | |||||
Coolio | United States | Misdemeanor charges of hacking | 9 March 2001 | Nine months in jail and US$5,000 in restitution to each victim[48] | |||||
rtm | United States | Intentional access of federal interest computers without authorization thereby preventing authorized access and causing a loss in excess of US$1,000[49] | 7 March 1991 | Three years probation and 400 hours of community service in a manner determined by the Probation Office and approved by the Court | |||||
T33kid | United States | Pleaded guilty on August 11, 2004, to one count of intentionally causing or attempting to cause damage to a protected computer via his version of the Blaster computer worm[50] | 28 January 2005 | 18 months in prison and 100 hours of community service[51] | |||||
The Black Baron | United Kingdom | Writing and distributing computer viruses | data-sort-value="1 Jan 1995" | 1995 | 18 months in prison | ||||
Dark Dante | United States | Pleaded guilty to seven counts of mail, wire and computer fraud, money laundering and obstruction of justice | 10 April 1995 | 51 months in prison and ordered to pay US$56,000 in restitution | |||||
Terminus | United States | Illicit use of proprietary software (UNIX 3.2 code) owned by AT&T and 2 counts of computer fraud and three counts of interstate transportation of stolen property.[52] [53] | 12 June 1991 | One-year jail sentence[54] | |||||
David Schrooten | Fortezza / Xakep | Netherlands | Accused of causing 63 million dollar in damages. Primarily for his role in trafficking creditcards he obtained by hacking other hackers.[55] [56] Pleaded guilty to Conspiracy to Commit Access Device Fraud and Bank Fraud, Access Device Fraud, Bank Fraud, Intentional Damage to a Protected Computer, and Aggravated Identity Theft. | 1 February 2013 | Extradited from Romania and sentenced to 144 months in U.S. federal prison.[57] | ||||
Track2 | Russian | Convicted of 38 counts involving unauthorized access of business information systems and stealing over two million credit card numbers. Pleaded guilty to conspiracy to commit bank fraud. | data-sort-value="1 Aug 2016" | August 2016 and September 2017 | Sentenced to 27 years' imprisonment for the 2016 conviction,[58] [59] concurrent with sentence of 14 years for the second set of charges.[60] | ||||
Kwyjibo | United States | Pleaded guilty to knowingly spreading a computer virus, the Melissa virus, with the intent to cause damage | 1 May 2002 | 20 months in federal prison, US$5,000 fine and 100 hours of community service upon release[61] | |||||
— | Russia | Accused of using Zeus Trojan horse to attack thousands of bank accounts and opened at least five accounts in Bank of America and Wachovia.[62] It is estimated that with nine other people Svechinskaya had skimmed $3 million in total.[63] | 24 June 2013 | Signed a personal recognizance bond[64] and was released under $25,000 bail.[65] Ordered to pay $35,000 in damages.[66] | |||||
Analyzer | Israel | Admitted to cracking US and Israeli computers, and pleaded guilty to conspiracy, wrongful infiltration of computerized material, disruption of computer use and destroying evidence[67] | 15 June 2001 | Six months of community service, one year of probation, a two-year suspended prison sentence and fined about US$18,000 | |||||
Gigabyte | Belgium | Wrote the Coconut-A, Sahay-A, and Sharp-A (first virus written in C#) computer viruses. Charged and arrested for computer data sabotage against internet security firm Sophos.[68] | 16 February 2004 | Released within 24 hours on bail due to being a minor (17 years old).[69] | |||||
OnTheFly | Netherlands | Spreading data into a computer network with the intention of causing damage as the creator of the Anna Kournikova virus[70] | 27 September 2001 | 150 hours community service[71] [72] | |||||
The 414s | United States | Unauthorized access to computers at the Sloan-Kettering Cancer Center in New York and a Los Angeles bank[73] and two counts of "making harassing telephone calls"[74] | 1 May 1983 | Two years probation | |||||
Tyler King | - | United States | Conspiring to commit computer fraud, computer fraud, and two counts of aggravated identity theft[75] | 2019 | 57 months federal prison[76] [77] |